Bug 2310485
| Summary: | [rgw] PutBucketPolicy for a bucket is failing with not a valid action if we include s3:GetObjectAttributes in the actions list | ||
|---|---|---|---|
| Product: | [Red Hat Storage] Red Hat Ceph Storage | Reporter: | Hemanth Sai <hmaheswa> |
| Component: | RGW | Assignee: | Matt Benjamin (redhat) <mbenjamin> |
| Status: | CLOSED ERRATA | QA Contact: | Hemanth Sai <hmaheswa> |
| Severity: | high | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 8.0 | CC: | akraj, ceph-eng-bugs, cephqe-warriors, mbenjamin, prsrivas, tserlin |
| Target Milestone: | --- | ||
| Target Release: | 8.0 | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | ceph-19.1.1-27.el9cp | Doc Type: | No Doc Update |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2024-11-25 09:09:10 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | |||
| Bug Blocks: | 2317218 | ||
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Red Hat Ceph Storage 8.0 security, bug fix, and enhancement updates), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2024:10216 The needinfo request[s] on this closed bug have been removed as they have been unresolved for 120 days |
Description of problem: PutBucketPolicy for a bucket is failing with not a valid action if we specify s3:GetObjectAttributes in the actions list [cephuser@ceph-pri-hsm-squid-j9zu1f-node6 ~]$ cat bkt_policy.json { "Statement": [ { "Effect": "Allow", "Principal": "*", "Action": ["s3:GetObject", "s3:GetObjectAttributes"], "Resource": "arn:aws:s3:::*" } ] } [cephuser@ceph-pri-hsm-squid-j9zu1f-node6 ~]$ [cephuser@ceph-pri-hsm-squid-j9zu1f-node6 ~]$ aws --endpoint-url http://10.0.67.73:80 s3api put-bucket-policy --bucket bkt1 --policy file://bkt_policy.json An error occurred (InvalidArgument) when calling the PutBucketPolicy operation: At character offset 143, `s3:GetObjectAttributes` is not a valid action. [cephuser@ceph-pri-hsm-squid-j9zu1f-node6 ~]$ Version-Release number of selected component (if applicable): ceph version 19.1.0-71.el9cp How reproducible: always Steps to Reproduce: 1.deploy cluster on 8.0 with rgw daemons 2.create a bucket 3.PutBucketPolicy with s3:GetObjectAttributes as the policy action. it fails with not a valid action. Actual results: PutBucketPolicy fails with `s3:GetObjectAttributes` is not a valid action Expected results: Expected s3:GetObjectAttributes is also a valid bucket policy action Additional info: